ACL usage revisted (need feedback)

Ken Murchison ken at
Tue Feb 10 09:46:26 EST 2004

Jason Williams wrote:

> Maybe someone can explain this to me, but are there any other options to 
> getting ACL functionality working correctly, besides using Sendmail? 
> Maybe im wrong, but im thinking Sendmail is our only option.

If you want to use the Cyrus ACLs to control who can send email (post) 
to a mailbox, you have no choice but to have the MTA pass the userid of 
the poster to lmtpd (via AUTH=).  This is the only way that lmtpd knows 
who is sending the message (looking at the headers or the envelope is 
unreliable because they can be easily forged).

I don't know much about Postfix, but I would imagine that you could 
restrict posting by using some kind of external lookup (LDAP, SQL, etc). 
  This obviously has the downside of requiring a set of "posting"  ACLs
which are separate from the rest of the mailbox ACLs.

Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--
Home Page:
List Archives/Info:

More information about the Info-cyrus mailing list